• Identifier of the vulnerability: CVE-2024-52803
• Affected software: LLaMA-Factory (versions <= 0.9.0)
• Type of vulnerability: OS Command Injection / Remote Code Execution
• Requires authentication: No
• Language you would use for writing the plugin: Templated plugins
• Resources:
  • GitHub Advisory - GHSA-hj3w-wrh4-44vp

Exploitation as shown in this gist(https://gist.github.com/superboy-zjc/f2d2b93ae511c445ba97e144b70e534d) can happen on path /queue/join and then a GET on /queue/data?session=. If fingerprinting/detection is needed for the service, a GET to / could show a gradio based interface via response header